demo.pkcs.pkcs11
Class SignCertificateRequest
java.lang.Object
demo.pkcs.pkcs11.SignCertificateRequest
- public class SignCertificateRequest
- extends Object
Signs a PKCS#10 certificate request using a token. The actual PKCS#10
specific operations are in the last section of this demo.
The hash is calculated outside the token. This implementation just uses raw
RSA.
This example works as follows. In general, the
CertificateRequest
class from the IAIK JCE toolkit works with
JCA private keys only. To get it to work with the wrapper, we need a special
AlgorithmID
class (see AlgorithmIDAdapter
)
which provides a special Signature
engine object
(see PKCS11SignatureEngine
) to the certificate
request object. This signature engine only accepts keys of type
TokenPrivateKey
, which just wraps PKCS#11 key
objects. All these helper classes are required if you want to sign a
certificate request with the PKCS#11 wrapper. If you use the IAIK PKCS#11
provider, everything is much easier. In this case, you do not need any
of these helper classes.
- Invariants
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SignCertificateRequest
public SignCertificateRequest()
main
public static void main(String[] args)
printUsage
public static void printUsage()
IAIK JavaSecurity Website http://jce.iaik.tugraz.at/
IAIK at Graz University of Technology, Austria, Europe
Copyright 2001-2002, IAIK, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. All Rights Reserved.